Comments

  • So it looks like to get the results from Blocked Sites (blocking both ways) I had to add 2 policies in Policy Manager. One for outbound and the other for inbound.
  • Thanks, I removed both policies, and the Alias I created. Added the IPs to Blocked Sites, now when I ping it, I see it in Traffic Monitor. I had to add it from the Web UI, because when I tried to add it from FSM, it was asking for expiration.
  • It looks like Blocked Sites needs to have an expiration date though. I want to block it indefinitely. So looks like I need to add another policy to deny from 'Compromised IOC IPs' to ANY.
  • It looks like the reason I don't see the IP in the Traffic Monitor is because it can't reach it but yeah I would think it will show as denied in Traffic Monitor.
  • I have 'Send log message' selected. But don't see denied in Traffic Monitor when I'm pinging the IP.
  • Yes, I want to block access to those IP addresses. So since I can no longer ping those IPs from my computer, and I don't see it on the traffic monitor, it looks like it's working. But my question is, are those IP addresses blocked from accessing the WatchGuard? Is it blocked both ways?
  • Because when I did it the opposite way, Deny 'Compromised IOC IPs' to ANY, I was able to ping one of the IPs.
  • Sorry for the late reply. It was my error. I mislabeled the switch port, so I was tagging to the wrong interface. Tagged to the correct interface, and it works.
  • This is the port setting on my switch uplinking from WatchGuard. If I plug in a laptop on port 18, the laptop gets connection to VLAN 6. Running configuration: interface 17 name "Bechdon VLAN Uplink" tagged vlan 6 exit interface 18 name "Bechdon Test Port" untagged vlan 6 exit interface 25 name "Uplink to new bldg" tagged…
  • I agree it does seem like a switch issue because I'm getting a DHCP address on one switch. This is the port setting on my switch uplinking from WatchGuard interface 2 (VLAN 6 Tagged). If I plug in a laptop on port 18, the laptop gets connection to VLAN 6. Also, I'm testing on both switches with the same laptop and Ethernet…
  • This is the port setting on my switch uplinking from WatchGuard. If I plug in a laptop on port 18, the laptop gets connection to VLAN 6. Running configuration: interface 17 name "Bechdon VLAN Uplink" tagged vlan 6 exit interface 18 name "Bechdon Test Port" untagged vlan 6 exit interface 25 name "Uplink to new bldg"…
  • Thank you. Yes, it's a static IP. Not DHCP. I set a static IP outside of the DHCP reservation, and so far it's working. Not sure why it was working earlier before the power outage.
  • It seems that was the reason, but when I look at the firewall policy, I don't see anything pointing to tcp 79.
  • That worked, thank you. Although we had to use port 78 for http.
  • Thanks, I'll try that once they make the port changes in the server.
  • Yes, the internal and external ports are different for this new server. So I just need to create a new custom policy and add TCP ports 79 & 22608 to that. Then create a SNAT, select the same public IP, enter the internal LAN IP that's it? To access the server from external, just type in the public IP and port 79? Example,…
  • Thank you, I see it now.
  • Thanks, I'll take a look later. I'm still relatively new to WG, but it seems like there's a different program for monitoring. I'm used to having everything in one place with Meraki.
  • I never used this feature. This is my Dimension home page. Where do I go from here?
  • I enabled logging on the VPN policy, and I VPN'd from home last night. But I don't see anything in the dimension. I selected past 7 days, but nothing.
  • I also tried turning off the Windows firewall on the file share server, but same result. Only Any policy gives access to network share, but not SMB.
  • I know the screenshots are hard to see. When it was working, it showed this in green: Member2 Allow 10.0.4.75 10.0.0.240 icmp CNC WiFi Trusted Allowed 60 254 (DMG Machines access to Ridge-Storage-01-00) When it's not working, this showed in red: Member2 Deny 10.0.4.75 10.0.0.240 icmp CNC WiFi Trusted Denied 60 254 (Unhandled…
  • When I did that, I don't see the policy name now, and there are a bunch of Unhandled Internal Packet-00
  • @"james.carson", this is the firewall policy I have set now [6]. I had [5] originally but it was not allowing access. There's a deny for blocking internet, and that's working. I don't see a deny for blocking SMB access. I'll disable 5 and re-enable 6; maybe I'll see what's blocking in traffic monitor then.
  • The connection is establishing because I have Any policy on the firewall, so it's allowing everything. But if I allow only SMB policy, the machine can't access the files (it can ping the file share, but can't access any files). The folder becomes blank.
  • OK, thanks again for the feedback. I wonder why then when I allow SMB policy, it's not working. I'll look at traffic monitor.
  • Correct, port 445 is the SMB port on the file share server, but what does 53889 mean? I thought that's what the machine is using to access the file share.
  • Sorry for reopening this old post. I tried the default SMB protocol, but when I do that the machine lost connection to the file share. I looked at netstat -bn on the file share, and I'm showing this below. 10.0.0.240 is the file share server and 10.0.4.75 is the machine, and it looks like it's using port 53889 (I have Any…
  • Thank you, we have Dimension
  • I also have these 2 notifications on WatchGuard Cloud. What does this mean? My feature keys are good for another 392 days, so I'm assuming that's not it.